Why Facebook's Finally Getting Religion on the Privacy Issue

Facebook is going to start giving its members more of a say in how their personal data is used, thanks to some pressure applied by Irish and U.S. authorities. That's because it will need all the regulatory goodwill it can muster when it takes its company public next year, said Consumer Watchdog's John Simpson. "Facebook has realized that if they want to be globally active, they have to play by countries' rules."

By Erika Morphy
Dec 22, 2011 8:40 AM PT

Facebook has agreed to improve privacy protections in Europe over the next six months, after a three-month audit by Ireland's data protection agency found the social network lacking in some areas.

Users will be given more information about how Facebook and third-party app providers handle their information, the company promised. It also agreed to scale back the amount of data that is collected when users are not on the network. Finally, it will ask users whether they want to participate in the facial recognition photo-tagging system it is implementing.

A Serious Matter

To hear Facebook tell it, the company is making these changes on a voluntary basis.

"Facebook has committed to either implement, or to consider, other 'best practice' improvements recommended by the data protection commissioner," reads a company statement.

In fact, it is much more serious than that, John Simpson, director of the privacy project at
Consumer Watchdog, told TechNewsWorld.

"What makes this review so important is that Facebook's global operations outside of Canada are run through its headquarters in Ireland, so what is done there sets the tone for privacy protection," he said.

Facebook's language is telling, he said -- but so is the Irish agency's.

"What the Irish are saying is that Facebook is lacking in several areas, and if Facebook hasn't made significant progress in six months, there will be a problem," said Simpson.

The FTC Agreement

This agreement follows a privacy deal Facebook forged with the Federal Trade Commissioner at the end of November. Chief among the promises it made to the U.S. agency was an agreement to submit to periodic independent privacy audits for the next 20 years. It also agreed to ask users for permission before changing the way their data is released.

The FTC agreement originated from charges Facebook has reneged on privacy promises it made to its users over the years -- so much so that at times its actions have threatened the "health and safety" of the users.

Similar objections have been raised in Europe -- where privacy concerns and violations are taken much more seriously than the U.S.

"In Europe, privacy is practically seen as a human right," Simpson said.

The Facebook IPO

Facebook's response to the Irish authority and its agreement with the FTC signal a new approach to privacy on the company's part, Simpson said, although he doesn't necessarily ascribe it to much soul-searching or a change in attitude.

Rather, Facebook knows perfectly well it will need all the regulatory goodwill it can muster when it takes its company public next year, he said, which is widely expected. "Facebook has realized that if they want to be globally active, they have to play by countries' rules."